New issue
Advanced search Search tips

Issue 677294 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner: ----
Closed: Oct 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug


Show other hotlists

Hotlists containing this issue:
HSTS-Preload


Sign in to add a comment

Add/update checks to detect uppercase characters in preloaded domains

Project Member Reported by mart...@martijnc.be, Dec 28 2016

Issue description

UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2950.4 Safari/537.36

Steps to reproduce the problem:
The generator should check that all hostnames use lowercase characters only.

Hostnames are converted to lowercase before a lookup is performed so hostnames with uppercase characters will never be found.

(This should be under the Internals>Network>DomainSecurityPolicy component)

What is the expected behavior?

What went wrong?
Hostnames are preloaded incorrectly and will never be found.

Did this work before? N/A 

Chrome version: 57.0.2950.4  Channel: dev
OS Version: 
Flash Version: Shockwave Flash 24.0 r0
 

Comment 1 by mmenke@chromium.org, Dec 28 2016

Components: Internals>Network>DomainSecurityPolicy
Labels: TE-NeedsTriageHelp
Project Member

Comment 3 by bugdroid1@chromium.org, Jun 9 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e7c54372558c9bb3e5861096087685fd5b73f8ea

commit e7c54372558c9bb3e5861096087685fd5b73f8ea
Author: martijn <martijn@martijnc.be>
Date: Fri Jun 09 19:27:37 2017

Check that all preloaded hostnames are in canonicalized form.

The hostnames in the preload list must be in their canonical form because they
are matched against canonicalized input by the Chromium code. Non-canonical
hostnames would never be matched.

This CL also removes one entry which is not in canonical form. The list already
contains entry in its canonical form.

BUG= 677294 

Review-Url: https://codereview.chromium.org/2906223002
Cr-Commit-Position: refs/heads/master@{#478369}

[modify] https://crrev.com/e7c54372558c9bb3e5861096087685fd5b73f8ea/net/http/transport_security_state_static.json
[modify] https://crrev.com/e7c54372558c9bb3e5861096087685fd5b73f8ea/net/tools/transport_security_state_generator/input_file_parsers.cc
[modify] https://crrev.com/e7c54372558c9bb3e5861096087685fd5b73f8ea/net/tools/transport_security_state_generator/transport_security_state_generator.cc

Status: Fixed (was: Unconfirmed)

Sign in to add a comment